#VeeamBackup

Year-Old Veeam Vulnerability Exploited in Fresh Ransomware Attacks

by

July 12, 2024 at 08:15AM Ransomware groups have been exploiting a year-old vulnerability in Veeam Backup & Replication, tracked as CVE-2023-27532 with a CVSS score of 7.5. Exploitation allows extraction of encrypted credentials and cleartext credentials, leading to data exfiltration and unauthorized access. Patched versions 12 and 11a address the vulnerability – organizations should update. … Read more

Critical Veeam Backup Enterprise Manager Flaw Allows Authentication Bypass

by

May 22, 2024 at 12:33AM Veeam Backup Enterprise Manager users are advised to update to version 12.1.2.172 due to a critical security flaw (CVE-2024-29849, CVSS 9.8) that allows unauthorized access. Three other vulnerabilities have been disclosed as well. Notably, environments without Veeam Backup Enterprise Manager are not affected. Other recent fixes include flaws in Veeam … Read more